VYPR
High severity · NVD Advisory · Published Mar 16, 2022 · Updated Aug 4, 2024

CVE-2021-45851

Description

FUXA 1.1.3 contains a Server-Side Request Forgery (SSRF) vulnerability that can expose internal services and potentially lead to remote command execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

FUXA version 1.1.3, a web-based SCADA/HMI platform [1], is vulnerable to Server-Side Request Forgery (SSRF). The flaw allows an attacker to induce the server to make HTTP requests to arbitrary internal or external destinations, potentially reaching services that are not intended to be exposed [2]. The exact component triggering the SSRF is not detailed in public references, but it likely resides in a feature that processes user-supplied URLs or network addresses.

Exploitation

An attacker with network access to the FUXA web interface can craft a malicious request containing a target URL pointing to internal resources (e.g., http://localhost:8080/admin). The server then fetches that URL and returns the response to the attacker, effectively bypassing network segmentation. No authentication is explicitly required in the available descriptions, though the attack may depend on the specific endpoint used [2].

Impact

Successful exploitation leads to disclosure of sensitive information from the server's internal environment and services, such as configuration files, credentials, or data from other internal applications. The description further notes that this SSRF can often be escalated to execute arbitrary commands on the server, resulting in full compromise of the FUXA host [2].

Mitigation

As of the publication date (2022-03-16), no official patch or fixed version has been released for FUXA 1.1.3 [1][2]. Users should restrict network access to the FUXA server to trusted hosts only, implement strict input validation on any URL parameters, and monitor logs for suspicious outbound requests. Upgrade to a later version once a fix becomes available.
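One way to implement the URL validation recommended above, as an added example that is not FUXA code and is not taken from the advisory. The function names are hypothetical, and it assumes the caller has already resolved the hostname and passes in the resulting addresses.

```javascript
// Added example, not FUXA code: allow an outbound fetch only when the URL is
// http(s) and every address its hostname resolved to is a public one.
const BLOCKED_V4 = [ // [network, prefix length]
  ["0.0.0.0", 8], ["10.0.0.0", 8], ["100.64.0.0", 10], ["127.0.0.0", 8],
  ["169.254.0.0", 16], ["172.16.0.0", 12], ["192.168.0.0", 16], ["224.0.0.0", 3],
];

function v4ToInt(addr) {
  const parts = addr.split(".");
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

function isBlockedV4(addr) {
  const n = v4ToInt(addr);
  if (n === null) return true; // not a dotted quad: fail closed
  return BLOCKED_V4.some(([net, bits]) => {
    const size = 2 ** (32 - bits);
    return Math.floor(n / size) === Math.floor(v4ToInt(net) / size);
  });
}

function isBlockedV6(addr) {
  // NaN when the address starts with "::" (loopback, unspecified, IPv4-mapped).
  const first = parseInt(addr.split(":")[0], 16);
  // Permit only global unicast 2000::/3, minus 6to4 (2002::/16), which embeds IPv4.
  return !(first >= 0x2000 && first <= 0x3fff) || first === 0x2002;
}

// resolvedAddrs: the addresses the caller's DNS lookup returned for url.hostname.
function checkOutboundUrl(rawUrl, resolvedAddrs) {
  let url;
  try { url = new URL(rawUrl); } catch { return { ok: false, reason: "unparseable URL" }; }
  if (url.protocol !== "http:" && url.protocol !== "https:") return { ok: false, reason: "scheme not allowed" };
  if (!Array.isArray(resolvedAddrs) || resolvedAddrs.length === 0) return { ok: false, reason: "no resolved address" };
  for (const a of resolvedAddrs) {
    if (a.includes(":") ? isBlockedV6(a) : isBlockedV4(a)) return { ok: false, reason: "internal address " + a };
  }
  return { ok: true, reason: "public destination" };
}

// Constructed inputs; the first is the internal URL used as an illustration above.
console.log(checkOutboundUrl("http://localhost:8080/admin", ["127.0.0.1"]));
console.log(checkOutboundUrl("https://example.com/", ["93.184.216.34"]));
```

The check only holds if the request is then sent to the same address that was validated, and if each redirect target is passed through it again.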

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: @frangoteam/fuxa (npm)
Affected versions: <= 1.1.3
Patched versions: none listed

Affected products

1

Patches

0

No patches discovered yet.

References

3
